Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/05ND_B_kWg-PU8Wmlxx5PvtLEM8.roa
File: 05ND_B_kWg-PU8Wmlxx5PvtLEM8.roa (raw, json)
Hash identifier: 8UxRmI76DtM+cPJko5Z1F84pFbeG4Vql+cj5F4d74aE=
Subject key identifier: D3:93:43:FC:1F:E4:5A:0F:8F:53:C5:A6:97:1C:79:3E:FB:4B:10:CF
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018C353B688B78D60BBB206F38C812FEC28A
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/05ND_B_kWg-PU8Wmlxx5PvtLEM8.roa
Signing time: Mon 04 Dec 2023 14:28:55 +0000
ROA not before: Mon 04 Dec 2023 14:28:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31034
IP address blocks: 185.58.116.0/22 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/21 maxlen: 24
80.73.224.0/21 maxlen: 24
89.36.208.0/22 maxlen: 24
217.198.128.0/20 maxlen: 24
5.249.128.0/19 maxlen: 24
195.231.0.0/17 maxlen: 24
217.61.0.0/18 maxlen: 24
89.46.64.0/20 maxlen: 24
94.177.160.0/19 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
209.227.224.0/20 maxlen: 24
195.231.64.0/20 maxlen: 24
82.192.128.0/19 maxlen: 24
194.182.110.0/23 maxlen: 24
217.61.56.0/21 maxlen: 24
195.231.80.0/21 maxlen: 24
209.227.240.0/20 maxlen: 24
195.231.88.0/21 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:3b:68:8b:78:d6:0b:bb:20:6f:38:c8:12:fe:c2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Dec 4 14:28:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d39343fc1fe45a0f8f53c5a6971c793efb4b10cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:92:93:59:5a:4b:22:6b:58:1d:6a:0c:07:56:
77:85:ec:84:76:47:4f:fa:81:fa:8d:49:c0:6e:4e:
cf:7e:68:7d:fd:71:05:75:08:99:1a:56:12:fe:9b:
e3:48:b0:28:fe:3d:ac:66:d4:56:a1:8e:0b:17:06:
46:f5:98:da:b2:83:c3:a9:31:f6:6a:a9:19:f7:1f:
2b:15:04:c1:04:84:3b:29:77:83:68:bd:88:f7:11:
cb:6e:bd:0d:8a:29:4a:1e:34:a5:a6:fd:50:1a:9e:
a5:21:e3:32:b4:df:b2:48:49:fc:9f:fa:a1:33:bc:
b8:a7:28:b6:a3:e9:27:57:8d:0e:45:ee:37:fe:b9:
1f:57:d7:0e:1a:19:a2:39:a8:8c:5c:cb:e7:50:c6:
21:47:6e:ce:ca:79:47:29:59:e5:cd:96:0e:90:1f:
e9:7d:6e:00:a9:da:1a:9f:56:d7:5e:7d:5b:47:94:
84:9c:c9:22:86:33:f2:36:d4:b6:e7:5c:e2:8e:7d:
20:e1:cb:81:05:7e:a6:a6:35:34:30:df:8c:40:e4:
0a:13:b2:66:17:ae:cc:b1:ee:d0:1f:e4:9b:5c:9e:
57:74:ac:5e:ef:24:80:93:21:7a:c8:c5:76:37:c4:
a1:95:3f:d5:ee:f3:dc:52:ab:0e:c1:75:93:7c:fc:
ef:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:93:43:FC:1F:E4:5A:0F:8F:53:C5:A6:97:1C:79:3E:FB:4B:10:CF
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/05ND_B_kWg-PU8Wmlxx5PvtLEM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
82.192.128.0/19
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
209.227.224.0/19
217.61.0.0/18
217.198.128.0/20
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
14:1b:de:c5:e0:f7:07:56:8b:4e:62:ab:c4:85:c3:5b:fb:fd:
6f:33:6f:81:40:36:3b:27:df:9e:e9:57:e5:86:06:d5:b7:ce:
e9:2d:e1:08:c0:fb:c5:81:bc:5e:0f:41:a8:31:d7:e9:63:5b:
79:89:fd:3f:44:ad:94:bf:da:f2:f2:56:9c:cb:2a:e2:a2:f3:
92:7e:27:a6:38:aa:46:b9:76:7e:7b:cb:84:5c:5b:82:c1:99:
dc:30:72:67:3e:75:31:8f:08:3e:ee:d4:7e:d2:ba:95:2d:22:
6c:30:1c:33:e0:8d:c0:13:d3:98:f6:e6:a8:b9:c9:14:ca:5a:
64:91:b8:dc:a4:58:93:f6:bf:a3:44:30:62:dc:f5:f1:c0:b5:
de:1c:2f:94:fd:bf:65:d3:64:10:89:1f:10:e2:8f:1e:28:8c:
d5:68:3c:e0:89:fe:cd:3b:73:c3:25:d3:05:74:80:8e:a4:94:
87:ec:79:8b:f5:c4:39:37:bd:0c:0e:6e:4c:2d:e5:de:8a:94:
63:74:76:e7:e3:c2:a1:27:dd:2b:e4:b7:fd:fd:d1:79:b8:a1:
d6:14:36:0b:aa:47:23:69:55:3c:22:b1:0d:bc:ac:df:72:52:
aa:63:4b:39:45:da:81:82:e9:1f:09:94:cb:8a:12:7d:d4:e6:
6d:8c:8e:b6
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYw1O2iLeNYLuyBvOMgS/sKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMxMjA0MTQyODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzkzNDNmYzFmZTQ1YTBmOGY1M2M1YTY5NzFjNzkzZWZiNGIxMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZKTWVpLImtYHWoMB1Z3heyEdkdP
+oH6jUnAbk7Pfmh9/XEFdQiZGlYS/pvjSLAo/j2sZtRWoY4LFwZG9ZjasoPDqTH2
aqkZ9x8rFQTBBIQ7KXeDaL2I9xHLbr0NiilKHjSlpv1QGp6lIeMytN+ySEn8n/qh
M7y4pyi2o+knV40ORe43/rkfV9cOGhmiOaiMXMvnUMYhR27OynlHKVnlzZYOkB/p
fW4Aqdoan1bXXn1bR5SEnMkihjPyNtS251zijn0g4cuBBX6mpjU0MN+MQOQKE7Jm
F67Mse7QH+SbXJ5XdKxe7ySAkyF6yMV2N8ShlT/V7vPcUqsOwXWTfPzvsQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFNOTQ/wf5FoPj1PFppcceT77SxDPMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvMDVORF9CX2tXZy1QVThXbWx4eDVQdnRMRU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBANQSeADAwBQ0wMEBVLA
gAMEAlkk0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBAOw
a5ADBAK5OAgDBAK5OnQDBAS81aADBAHCtm4DBAfD5wADBAXR4+ADBAbZPQADBATZ
xoAwDQQCAAIwBwMFAyoAbUAwDQYJKoZIhvcNAQELBQADggEBABQb3sXg9wdWi05i
q8SFw1v7/W8zb4FANjsn357pV+WGBtW3zukt4QjA+8WBvF4PQagx1+ljW3mJ/T9E
rZS/2vLyVpzLKuKi85J+J6Y4qka5dn57y4RcW4LBmdwwcmc+dTGPCD7u1H7SupUt
ImwwHDPgjcAT05j25qi5yRTKWmSRuNykWJP2v6NEMGLc9fHAtd4cL5T9v2XTZBCJ
HxDijx4ojNVoPOCJ/s07c8Ml0wV0gI6klIfseYv1xDk3vQwObkwt5d6KlGN0dufj
wqEn3Svkt/390Xm4odYUNguqRyNpVTwisQ28rN9yUqpjSzlF2oGC6R8JlMuKEn3U
5m2MjrY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:15 2024 by rpki-client on console-ams.rpki-client.org